Cryptography - Symmetric, Asymmetric, Basics Flashcards

1
Q

Define

Symmetric Cryptography

A

Encryption key = decryption key

2
Q

Algorithm for Symmetric Cryptography

A
  1. Generate key (KeyGen() => K )
  2. Encrypt message (E(K, M) = EK(M) = C )
  3. Decrypt message (D(C, K) = DK(C) = M )
3
Q

What is the attacker’s goal in symmetric cryptography?

A

Find out any information on the message(s) or the key

4
Q

What is the goal of the defender in symmetric cryptography?

A

The attacker shouldn’t be able to distinguish which 2 messages were encrypted in cipher

5
Q

List the types of symmetric cryptography attacks

A
  • Ciphertext
  • Known plaintext
  • Chosen plaintext
  • Chosen ciphertext
6
Q

Describe

Ciphertext Attack

Symmetric Cryptography

A

Eve observes every instance of Cipher and has partial information about the Message (i.e. knows what language was used)

7
Q

Describe

Known Plaintext Attack

Symmetric Cryptography

A

Eve knows part of Message and/or entirety of numerous Messages

8
Q

Describe

Chosen Plaintext Attack

Symmetric Cryptography

A

Eve picks a Message for Alice to encrypt

9
Q

Describe

Chosen Ciphertext Attack

Symmetric Cryptography

A

Eve picks a ciphertext for Bob to decrypt

9
Q

Describe

Secure Cryptic System

A

A costly system to break into

10
Q

Why are the costs high to break into a Symmetric Crypto system?

A
  • Expensive - exhaustion of resources and efforts
  • Useful lifetime of information may expire
11
Q

Probability of an Attacker winning

Symmetric Cryptography

A

Pr[Attacker wins] <= 50% or 1/2 + e

12
Q

Describe

Pseudorandom Number Generators

Symmetric Cryptography

A

A random-looking value that is actually deterministically created for the initial vector

12
Q

Describe

Stream ciphers

Symmetric Cryptography

A

Encrypting a plaintext with a pseudorandom digit 1 bit/byte at a time

13
Q

Pros of Symmetric Cryptography

A

Strong confidentiality

14
Q

Cons of Symmetric Cryptography

A
  • Weak authenticity
  • Weak integrity
  • Difficult to manage and distribute the secret keys
15
Q

Describe

One-Time Pad

A

When a random key is chosen and used once for each message

16
Q

How long is a one-time pad?

A

As long as the message itself (revealing the length of the message)

17
Q

What type of security do one-time pads provide?

A

IND-CPA and IND-KPA

18
Q

What are the limits to one-time pads?

A
  • Must be truly random and independent
  • Requires secure distribution of secret keys
  • A large message would make a difficult one-time pad to manage
19
Q

Define

IND-KPA

A

When attacker can’t distinguish between 2 encryptions of the same key while knowing 2 plaintexts

20
Q

Define

IND-CPA

A

When the attacker can’t distinguish between encryptions of different plaintext under the same key while knowing ciphertexts

21
Q

Which is stronger between IND-CPA and IND-KPA?

A

IND-CPA

22
Q

What does IND-CPA imply?

A

That IND-KPA also holds true

23
Q

Describe

Caesar Cipher

A

Rotation of letters by the kth position

24
Q

How can you defeat a Caesar Cipher?

A
  • Brute force
  • Frequency analysis
  • Known plaintext attacks
  • Chosen plaintext attacks
25
Q

Upgrade

Caesar Cipher

A

Rotate the first character by K1 position, the second character by K2 position, … the nth character by Kn position

26
Q

Describe

Block Cipher

A

A deterministic algorithm on a fixed block/length of bits

27
Q

Which type of security does a Block Cipher not provide?

A

IND-CPA

28
Q

Using a Block Cipher: short message

A

Includes padding

29
Q

Using a Block Cipher: long message

A

Repeat block cipher (Block Cipher Mode) and hide the same block encrypted twice along with initial vector (IV) for randomness

30
Q

Block Cipher Modes

A
  • Electronic Code Block (ECB)
  • Cipher Block Chaining (CBC)
  • Counter (CTR)
31
Q

Describe

Electronic Code Block (ECB) Mode

A

The message is split into n-bit blocks where each is independently encrypted/decrypted. All blocks will then be concatenated (output)

32
Q

Describe

Cipher Block Chaining (CBC) Mode

A

Uses a one time initial vector and includes the output of the previous block as input for the current block

33
Q

What type of security does the CBC Block Chaining Mode provide?

A

IND-CPA

34
Q

Describe

Counter (CTR) Mode

A

Selects a random initial vector and increments it for each block

35
Q

What type of security does the CTR Block Chaining Mode provide?

A

IND-CPA

36
Q

Define

Key

A

A randomly chosen value

37
Q

Define

Cryptanalysis

A

Analysis of the algorithm/implementation to interfere with cryptography

38
Q

List all cryptographical algorithms

A
  • Symmetric
  • Asymmetric
  • One-Way Function
  • One-Way Hash Function
39
Q

Define

One-Way Function

A

A computation that is difficult to invert

40
Q

Define

One-Way Hash Function

A

Given any string input, a fixed binary sequence random output would be returned

41
Q

Two ways to preserve integrity and authentication in cryptography

A

Strong hash functions and message authentication code (MAC)

42
Q

Why are strong hash functions not sufficient for cryptography?

A

Strong hash function values can be guessed

43
Q

Properties of a strong hash function

A
  • One-way: given y, it’s difficult to find x
  • Collision resistance: difficult to find x, x’
  • Second pre-image resistance: given x, it’s difficult to find x’
44
Q

Describe

Message Authentication Code (MAC)

A

A tag that verifies authentication and requires a shared secret key

45
Q

Define

Asymmetric Cryptography

A

Encrypting a message with receiver’s public key and decrypting the message with receiver’s private key

46
Q

Requirements for asymmetric cryptography

A
  • Key Generation: public key can’t compute the secret key (or vice versa)
  • Trapdoor permutation: 1-way perm without special instructions
47
Q

Describe

RSA Key Generation

Asymmetric Cryptography

A

Uses Euler’s Totient to create the keys

48
Q

Describe

Euler’s Totient

A

Finding two very large prime numbers

49
Q

Pros of Asymmetric Cryptography

A
  • Secure key distribution
  • Confidentiality
50
Q

Cons of Asymmetric Cryptography

A
  • Weak integrity
  • No authentication
  • Repudiation (can be seen as falsified)
51
Q

Define

Diffie-Hellman Key (DHK) Exchange

A

The same secret key is shared

52
Q

Limitations of Diffie-Hellman Key (DHK) Exchange

A
  • No authenticity
  • Subject to MITM attacks (doesn’t verify who’s involved)
53
Q

Define

Ephemeral Diffie-Hellman Key (EDHK) Exchange

A

Temporary DH key (shared secret key) generated for every connection

54
Q

Limitations of the Ephemeral Diffie-Hellman Key (EDHK) Exchange

A

Higher overhead costs

55
Q

What does the Ephemeral Diffie-Hellman Key (EDHK) Exchange provide?

A

Forward secrecy

56
Q

Define

Forward Secrecy

A

When future compromises of passwords/secret keys from previous sessions cannot be used to retrieve encrypted sessions/communications from the past.

57
Q

Define

RSA Signature

A

A verifiable message that anyone can prove that a private key was used (digital signature algorithm)

58
Q

Upgrade

Asymmetric Cryptography Approach

A

A encrypts message with A’s secret key => A encrypts message again with B’s public key => B decrypts ciphertext with A’s public key

59
Q

Limitation to the Upgraded Asymmetric Cryptography Approach

A

MITM attacks can still occur

60
Q

What does the Upgraded Asymmetric Cryptography Approach resolve?

A

CIA and repudiation concerns

61
Q

Describe

Public Key Certificates

A

Binds an identity with their public key and prevents interception by endorsing/guaranteeing legitimacy from the Certificate Authority (3rd party)

62
Q

How does the Certificate Authority publish their own certificate?

A

Self-sign or have it signed by another Certificate Authority (company)

63
Q

Why do Certificate Authorities have to publish their own certificates?

A

To avoid interception